C-MOR Video Surveillance versions 5.2401 and 6.00PL01 suffer from a command injection vulnerability.
e6ab13a0246110b44dcdf4979931f3c724f8288c7be0ae45d14d5e88b8828ed4C-MOR Video Surveillance version 5.2401 makes use of unmaintained vulnerability third-party components.
50868d349c84704995bd17063b29d34678bda3760321be0ea29d00df62e4fce6C-MOR Video Surveillance versions 5.2401 and 6.00PL01 stores sensitive information, such as credentials, in clear text.
8db1a14276a8b4afd861e338c4174f26f883c0e15f48c5cde474fcac3953deddC-MOR Video Surveillance versions 5.2401 and 6.00PL01 suffer from an improper privilege management vulnerability that can allows for privilege escalation.
2f2ea225657058c95e1bc52540ab6b85b8f472f2bc7c04ebb877194055c37e90C-MOR Video Surveillance version 5.2401 suffers from a remote shell upload vulnerability.
787e5049c9d126f909aa923e05bb07cd07413bc5154345d71f346e74ec5c9114C-MOR Video Surveillance version 5.2401 suffers from a path traversal vulnerability.
6fe58f550278f2bf7107e64be242c5fbad1b8ffd839d50b19fc56c102e4780e2C-MOR Video Surveillance version 5.2401 suffers from an improper access control privilege escalation vulnerability that allows for a lower privileged user to access administrative functions.
32777de2ae7cbdb7a5ea02bd7eb88688b8d67865352de7b14c8e41c4d0568f1aC-MOR Video Surveillance versions 5.2401 and 6.00PL01 suffer from a remote SQL injection vulnerability.
3631436bc00a5ef9505d823e81f823511bc49dc2698141fab1c6e02a8b517a74C-MOR Video Surveillance versions 5.2401 and 6.00PL01 suffer from a cross site request forgery vulnerability.
280ac578aec4b568b932c6180b77dd607186ef35d18e5d6e3f81d7c2e2a25b04C-MOR Video Surveillance versions 5.2401 and 6.00PL01 suffer from a persistent cross site scripting vulnerability.
1c20fdc720d1f9d37d1f2af502f48729eb04135e13883038d161f9835b8b3f55C-MOR Video Surveillance version 5.2401 suffers from a reflective cross site scripting vulnerability.
b6dd21760972bd50552c5c42a0225c1feee7b02dec561b4da5ec6673a6543af4AudioCodes VoIP Phones with firmware versions greater than or equal to 3.4.4.1000 have been found to have validation of firmware images that only consists of simple checksum checks for different firmware components.
87f14d8fb3d841332987f94e0d0b781df7d013b6b805f919c5e4b88c417fe4f0Omnis Studio version 10.22.00 suffers from a locked class bypass vulnerability.
70baa8a88b3de2130acfbd71ec3e460da1f75e0d1808158d3e555ff37a98c8f0Omnis Studio version 10.22.00 suffers from a private library access bypass vulnerability.
53637e29b7365ce0e3a3037d27a08a606b6472cc022aa871d1d1d277c7cbca39When analyzing the external data storage Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that the device will not lock and require reformatting after 20 failed passcode attempts, as described in the product description and the corresponding user manual.
08145b3fed5af98f2c1a58867fcffc5c6a963943711eed8b147ca33d079c84b8When analyzing the external data storage Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that the validation of the firmware for the USB-to-SATA bridge controller INIC-3637EN only consists of a simple CRC-16 check (XMODEM CRC-16).
d39be10e67c9b627d81d5563e3043fc1643ed064d12773022e54946e4d13c40cWhen analyzing the external storage device Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that the firmware of the USB-to-SATA bridge controller INIC-3637EN uses AES-256 with the ECB (Electronic Codebook) mode.
94cc2f212c629f6d55adb277c12c057ade203121d15ef2c833dae91f93644f56When analyzing the external storage device Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that it uses an insecure design which allows for offline brute-force attacks against the passcode.
1eec8f74130bb65d97f78635534eca25e6988ba281f9bc35cc664431829d03d5When analyzing the USB flash drive Lepin EP-KP001, Matthias Deeg found out that it uses an insecure hardware design which allows an attacker to bypass the password-based user authentication.
aab63ef3bc7b1c7a28a491f23ff3e38331ea8654041288aca94a8bd6d5435366When analyzing the Verbatim Executive Fingerprint Secure SSD, Matthias Deeg found out that the content of the emulated CD-ROM drive containing the Windows and macOS client software can be manipulated. The content of this emulated CD-ROM drive is stored as ISO-9660 image in the "hidden" sectors of the USB drive that can only be accessed using special IOCTL commands, or when installing the drive in an external disk enclosure.
26ff4e832d69529801ce9581fa340d311be8da080d073cf03ef28644ddb30a51When analyzing the Verbatim Executive Fingerprint Secure SSD, Matthias Deeg found out that the validation of the firmware for the USB-to-SATA bridge controller INIC-3637EN only consists of a simple CRC-16 check (XMODEM CRC-16). Thus, an attacker is able to store malicious firmware code for the INIC-3637EN with a correct checksum on the used SPI flash memory chip (XT25F01D), which then gets successfully executed by the USB-to-SATA bridge controller.
6fe888a83e3d60fa3dff9cbd864af7c01af27b2dbd4a6cda8d208d3d0a240337When analyzing the Verbatim Fingerprint Secure Portable Hard Drive, Matthias Deeg found out that the content of the emulated CD-ROM drive containing the Windows and macOS client software can be manipulated. The content of this emulated CD-ROM drive is stored as ISO-9660 image in the "hidden" sectors of the USB drive that can only be accessed using special IOCTL commands, or when installing the drive in an external disk enclosure.
820817b00f35d5e9cdd824108c5f8d3d74d064b3343d74f7c689cef4f9919f97When analyzing the Fingerprint Secure Portable Hard Drive, Matthias Deeg found out that the validation of the firmware for the USB-to-SATA bridge controller INIC-3637EN only consists of a simple CRC-16 check (XMODEM CRC-16). Thus, an attacker is able to store malicious firmware code for the INIC-3637EN with a correct checksum on the used SPI flash memory chip (XT25F01B), which then gets successfully executed by the USB-to-SATA bridge controller.
5cf09b9a6a7dc17bc2bc9248633676029f1f2f7c319f1bda1a93395588b69053When analyzing the Verbatim Fingerprint Secure Portable Hard Drive, Matthias Deeg found out that the firmware of the USB-to-SATA bridge controller INIC-3637EN uses AES-256 with the ECB (Electronic Codebook) mode. This operation mode of block ciphers like AES encrypts identical plaintext data, in this case blocks of 16 bytes, always to identical ciphertext data. For some data, for instance bitmap images, the lack of the cryptographic property called diffusion concerning the ECB mode can leak sensitive information even in encrypted data.
5957d6ef4f65feb57e39fb3699989b7271db9a941fefc0a0ecfcc6d07e41f538When analyzing the Verbatim Fingerprint Secure Portable Hard Drive, Matthias Deeg found out it uses an insecure design which allows retrieving the currently used password and thus the ability to unlock and access the stored data in an unauthorized way.
bf98542c479e3621d63c8f97f240d1176143d928dd39fcee82bda83c3c2f65d1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed